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This action is in response to the communication filed on 6/19/2006. 



2 



DETAILED ACTION 



3 



Continued Examination Under 37 CFR LI 14 



4 



5 



A request for continued examination under 37 CFR 1.1 14, including the fee set forth in 



6 37 CFR 1 .17(e), was filed in this application after final rejection. Since this application is 

7 eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1 .17(e) 

8 has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 

9 37 CFR 1.114. Applicant's submission filed on 6/19/2006 has been entered. 
10 

1 1 Response to Arguments 

12 Applicant's arguments filed 6/19/2006 have been fully considered but they are not 

13 persuasive. 

14 Regarding applicant's remark that the amendments are "non-narrowing", the examiner 

15 disagrees. However, if the applicant wishes that the added limitations be given no weight, the 

16 examiner maintains all rejections and objections previously made for the reasons previously 

17 presented. Below, the examiner will treat the claims as amended for the sake of furthering 

18 prosecution. 

19 Regarding applicant's argument that Glover did not disclose the device driver decrypting 

20 the encrypted program code portion, the examiner does not find the argument persuasive. Glover 

21 clearly shows in Fig. 7 that the "unwrap procedure", "device driver", and "hidden application" 

22 are all part of one "computer program file". If this were not the case, why would they be placed 
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1 together inside box 126 which is labeled "computer program file"? Glover also clearly shows 

2 that the device driver "performs" the decryption. This can be seen in Fig. 6 Step 1 16 which 

3 describes the operation of the device driver, as well as in Col. 1 1 Paragraph 2, especially lines 

4 23-26. As such the examiner does not find the argument persuasive. 

5 All objections and rejections not set forth below have been withdrawn. 

6 Claims 1-14 have been examined. 

7 Claim Objections 

8 Claims 1-14 are objected to for the following reasons: 

9 The independent claims recite that encryption and decryption are performed by 

10 the device driver. This is not technically correct, as the device driver is simply program data, 

1 1 and it is the processor executing the driver that is actually performing the encryption and 

12 decryption. As such, the claims are objected to. 

1 3 Claim Rejections - 35 USC §102 

14 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 

15 basis for the rejections under this section made in this Office action: 

16 A person shall be entitled to a patent unless - 

17 (b) the invention was patented or described in a printed publication in this or a foreign 

1 8 country or in public use or on sale in this country, more than one year prior to the date of 

1 9 application for patent in the United States. 
20 

21 Claims 1-2, and 4-5 are rejected under 35 U.S.C. 102(b) as being anticipated by Glover 

22 (US Patent Number 6,052,780). 

23 Regarding claim 1, Glover disclosed a method for operating a device driver (See Glover 

24 Abstract and Col. 9 Lines 7-9), comprising the steps of: providing a device driver comprising an 
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1 encrypted program code portion of a main process thereof (See Glover Col. 9 Lines 25-35 hidden 

2 information); decrypting the encrypted program code portion in an initialization process of said 

3 device driver (See Glover Col. 9 Lines 25-35), wherein the decrypting is performed by said 

4 device driver and the encrypted program code portion to be decrypted is in said device driver's 

5 own program (See Glover Figs. 6-7, and Col. 1 1 Paragraph 2); executing the decrypted program 

6 code portion (See Glover Col. 1 1 Lines 3-5) and re-encrypting the executed decrypted program 

7 code portion in an end process of the device driver, in which said device driver is released, 

8 wherein the re-encrypting is performed by the device driver (See Glover Col. 10 Lines 45-47 and 

9 Col. 22 Lines 32-36). 



10 Claim 2 is rejected for the same reasons as claim 1 above and further because Glover 

1 1 disclosed initializing the device driver (hidden information) before decrypting the portions of 

12 code (See Glover Col. 9 Lines 16-19 and Col. 10 Lines 19-27). 

13 Regarding claims 4-5, Glover disclosed extracting a numeric value from an application; 

14 and a creating key, corresponding to the numeric value, for decrypting and re-encrypting the 

15 program code portion in said decrypting and re-encrypting of the program code portion steps 

16 (See Glover Col. 21 Lines 32-38). 

1 7 Claim Rejections - 35 USC §103 

18 The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 

19 obviousness rejections set forth in this Office action: 

20 A patent may not be obtained though the invention is not identically disclosed or 

21 described as set forth in section 102 of this title, if the differences between the subject matter 

22 sought to be patented and the prior art are such that the subject matter as a whole would have 

23 been obvious at the time the invention was made to a person having ordinary skill in the art to 

24 which said subject matter pertains. Patentability shall not be negatived by the manner in which 

25 the invention was made. 
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1 

2 Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Glover, and further 

3 in view of Schneier ("Applied Cryptography, Second Edition"). 

4 Glover disclosed encrypting a program code portion, decrypting the program code 

5 portion, executing the decrypted program code portion, and re-encrypting the program code 

6 portion after processing was complete (See the rejection of claim 1 above and Col 9 Lines 22-24 

7 and Lines 33-35), but failed to disclose encrypting and decrypting with two different keys. 

8 Schneier teaches that double encryption using two different keys provides two times the 

9 security of single encryption (See Schneier Section 15.1). 

10 It would have been obvious to the ordinary person skilled in the art at the time of 

1 1 invention to employ the teachings of Schneier in the encryption, decryption, re-encryption 

12 system of Glover, by encrypting the portion of code with one key and encrypting the result with 

13 a second key and decrypting in a reverse manner. This would have been obvious because the 

14 ordinary person skilled in the art at the time of invention would have been motivated to increase 

1 5 the security of the encrypted program. 

16 Claims 6-1 1 rejected under 35 U.S.C. 103(a) as being unpatentable over Glover as 

17 applied to claims 1-2 above, and further in view of McManis (US Patent Number 5.757.914). 

1 8 Regarding claims 6-7, Glover disclosed the device driver communicating with an 

19 application (See Glover Col. 10 Lines 34-47), but failed to disclose authentication between the 

20 two. 

21 McManis teaches a method for protecting two communicating applications in which 

22 before process A calls process B, A authenticates B by verifying the integrity of B, and before B 



Application/Control Number: 10/076,404 Page 6 

Art Unit: 2131 

1 responds to A, B verifies the integrity of A, and in both cases if the verification fails execution is 

2 aborted (See McManis Col. 3 Line 53- Col. 6 Line 9). 

3 It would have been obvious to the ordinary person skilled in the art at the time of 

4 invention to employ the teachings of McManis in the dynamically loaded device driver by 

5 mutually authenticating the calling application and the device driver by integrity verification 

6 when a request is made by the application to the device driver. This would have been obvious 

7 because the ordinary person skilled in the art would have been motivated to protect the use of the 

8 application as well as the use of the dynamically loaded device driver. 

9 Regarding claims 8-9, the combination of Glover and McManis disclosed providing an 

10 application, which requests the device driver (See Glover Col. 1 1 Lines 6-11), utilizing the 

1 1 application to detect whether or not the program code portion of said device driver has been 

12 forged before supplying output data to said device driver, and when the program code portion of 

13 said device driver has been forged, the application stops outputting the output data to hardware, 

14 and utilizing the device driver to detect whether or not a program code portion of the application 

1 5 has been forged before supplying input data to the application, and when the program code 

16 portion of the application has been forged, said device driver stops outputting the input data to 

17 the application (See McManis. Fig 2 and related text). 

18 Regarding claims 10-11, the combination of Glover and McManis disclosed that said 

19 device driver does not decrypt encrypted data of the application, and wherein only when the 

20 program code portion of said device driver has not been forged, the application decrypts the 

21 encrypted data and provides the decrypted data as the output data to said device driver (See 

22 McManis Col. 5 Lines 50-67). 
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1 Claims 12-13 are rejected under 35 U.S.C. 103(a) as being unpatentable over Glover as 

2 applied to claims 1 and 2 above, and further in view of Cabrera et al. (US Patent Number 

3 5,978,8 1 5) hereinafter referred to as Cabrera. 

4 Glover disclosed a device driver being executed (See Glover Col. 9 Lines 33-35 and Col. 

5 10 Lines 43-47), but failed to disclose the device driver communicating between an application 

6 arranged at a user level and hardware arranged at a privilege level. 

7 Cabrera teaches that device drivers are used to communicate between hardware and 

8 software and that the software typically runs in a user mode and the driver operates at the 

9 privilege level (See Cabrera Col. 7 Paragraph 2). 

10 It would have been obvious to the ordinary person skilled in the art at the time of 

1 1 invention to employ the teachings of Cabrera in the system for securing device drivers of Glover 

12 by having the device driver communicate between a user mode application and hardware 

13 arranged at the privilege level. This would have been obvious because the ordinary person 

14 skilled in the art would have been motivated to allow the driver to perform many functions that 

1 5 would not be possible from user mode. 

16 Claim 14 is rejected under 35 U.S.C. 103(a) as being unpatentable over Glover and 

17 McManis as applied to claim 3 above, and further in view of Cabrera. 

1 8 Glover and McManis disclosed a device driver being executed (See Glover Col. 9 Lines 

19 33-35 and Col. 10 Lines 43-47), but failed to disclose the device driver communicating between 

20 an application arranged at a user level and hardware arranged at a privilege level. 



i 
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1 Cabrera teaches that device drivers are used to communicate between hardware and 

2 software and that the software typically runs in a user mode and the driver operates at the 

3 privilege level (See Cabrera Col. 7 Paragraph 2). 

4 It would have been obvious to the ordinary person skilled in the art at the time of 



5 invention to employ the teachings of Cabrera in the system for securing device drivers of Glover 

6 and McManis by having the device driver communicate between a user mode application and 

7 hardware arranged at the privilege level. This would have been obvious because the ordinary 



8 person skilled in the art would have been motivated to allow the driver to perform many 

9 functions that would not be possible from user mode. 

10 Conclusion 

1 1 Claims 1-14 have been rejected. 

12 The prior art made of record and not relied upon is considered pertinent to applicant's 

13 disclosure. 

14 Any inquiry concerning this communication or earlier communications from the 

15 examiner should be directed to Matthew T. Henning whose telephone number is (571) 272-3790. 

16 The examiner can normally be reached on M-F 8-4. 

17 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

18 supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 

19 organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 



2 Application Information Retrieval (PAIR) system. Status information for published applications 

3 may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 

4 applications is available through Private PAIR only. For more information about the PAIR 

5 system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 

6 system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 

7 like assistance from a USPTO Customer Service Representative or access to the automated 

8 information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




9 
10 
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Matthew Henning 
Assistant Examiner 
Art Unit 2131 
9/5/2006 
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